Skip to content

Commit 8bc4958

Browse files
sahsanusahsanu
authored
Comment out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025 (hestiacp#5002)
1 parent 0ee561b commit 8bc4958

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

56 files changed

+168
-112
lines changed

install/deb/templates/mail/nginx/default.stpl

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,9 @@ server {
88

99
ssl_certificate %ssl_pem%;
1010
ssl_certificate_key %ssl_key%;
11-
ssl_stapling on;
12-
ssl_stapling_verify on;
11+
#Commented out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025
12+
#ssl_stapling on;
13+
#ssl_stapling_verify on;
1314

1415
# TLS 1.3 0-RTT anti-replay
1516
if ($anti_replay = 307) { return 307 https://$host$request_uri; }

install/deb/templates/mail/nginx/default_disabled.stpl

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,8 +7,9 @@ server {
77

88
ssl_certificate %ssl_pem%;
99
ssl_certificate_key %ssl_key%;
10-
ssl_stapling on;
11-
ssl_stapling_verify on;
10+
#Commented out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025
11+
#ssl_stapling on;
12+
#ssl_stapling_verify on;
1213

1314
# TLS 1.3 0-RTT anti-replay
1415
if ($anti_replay = 307) { return 307 https://$host$request_uri; }

install/deb/templates/mail/nginx/default_snappymail.stpl

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,9 @@ server {
88

99
ssl_certificate %ssl_pem%;
1010
ssl_certificate_key %ssl_key%;
11-
ssl_stapling on;
12-
ssl_stapling_verify on;
11+
#Commented out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025
12+
#ssl_stapling on;
13+
#ssl_stapling_verify on;
1314

1415
# TLS 1.3 0-RTT anti-replay
1516
if ($anti_replay = 307) { return 307 https://$host$request_uri; }

install/deb/templates/mail/nginx/disabled.stpl

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,9 @@ server {
88

99
ssl_certificate %ssl_pem%;
1010
ssl_certificate_key %ssl_key%;
11-
ssl_stapling on;
12-
ssl_stapling_verify on;
11+
#Commented out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025
12+
#ssl_stapling on;
13+
#ssl_stapling_verify on;
1314

1415
# TLS 1.3 0-RTT anti-replay
1516
if ($anti_replay = 307) { return 307 https://$host$request_uri; }

install/deb/templates/mail/nginx/snappymail.stpl

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,9 @@ server {
88

99
ssl_certificate %ssl_pem%;
1010
ssl_certificate_key %ssl_key%;
11-
ssl_stapling on;
12-
ssl_stapling_verify on;
11+
#Commented out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025
12+
#ssl_stapling on;
13+
#ssl_stapling_verify on;
1314

1415
# TLS 1.3 0-RTT anti-replay
1516
if ($anti_replay = 307) { return 307 https://$host$request_uri; }

install/deb/templates/mail/nginx/web_system.stpl

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,9 @@ server {
88

99
ssl_certificate %ssl_pem%;
1010
ssl_certificate_key %ssl_key%;
11-
ssl_stapling on;
12-
ssl_stapling_verify on;
11+
#Commented out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025
12+
#ssl_stapling on;
13+
#ssl_stapling_verify on;
1314

1415
# TLS 1.3 0-RTT anti-replay
1516
if ($anti_replay = 307) { return 307 https://$host$request_uri; }

install/deb/templates/web/nginx/caching.stpl

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,9 @@ server {
1111

1212
ssl_certificate %ssl_pem%;
1313
ssl_certificate_key %ssl_key%;
14-
ssl_stapling on;
15-
ssl_stapling_verify on;
14+
#Commented out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025
15+
#ssl_stapling on;
16+
#ssl_stapling_verify on;
1617

1718
# TLS 1.3 0-RTT anti-replay
1819
if ($anti_replay = 307) { return 307 https://$host$request_uri; }

install/deb/templates/web/nginx/default.stpl

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,9 @@ server {
1111

1212
ssl_certificate %ssl_pem%;
1313
ssl_certificate_key %ssl_key%;
14-
ssl_stapling on;
15-
ssl_stapling_verify on;
14+
#Commented out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025
15+
#ssl_stapling on;
16+
#ssl_stapling_verify on;
1617

1718
# TLS 1.3 0-RTT anti-replay
1819
if ($anti_replay = 307) { return 307 https://$host$request_uri; }

install/deb/templates/web/nginx/hosting.stpl

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,9 @@ server {
1111

1212
ssl_certificate %ssl_pem%;
1313
ssl_certificate_key %ssl_key%;
14-
ssl_stapling on;
15-
ssl_stapling_verify on;
14+
#Commented out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025
15+
#ssl_stapling on;
16+
#ssl_stapling_verify on;
1617

1718
# TLS 1.3 0-RTT anti-replay
1819
if ($anti_replay = 307) { return 307 https://$host$request_uri; }

install/deb/templates/web/nginx/php-fpm/chevereto.stpl

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,8 +15,9 @@ server {
1515

1616
ssl_certificate %ssl_pem%;
1717
ssl_certificate_key %ssl_key%;
18-
ssl_stapling on;
19-
ssl_stapling_verify on;
18+
#Commented out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025
19+
#ssl_stapling on;
20+
#ssl_stapling_verify on;
2021

2122
# TLS 1.3 0-RTT anti-replay
2223
if ($anti_replay = 307) { return 307 https://$host$request_uri; }

0 commit comments

Comments
 (0)